The first generation of Estonian eID cards was issued in 2002. Since then, there have been three generations of cards. Preparations for the fourth generation of ID‑1 format documents began at the end of 2014 in order to produce an even more technically advanced and highly secure identity document. Estonia is a highly digitalised nation. Purchasing blank documents and personalisation and certification services have had a remarkable impact on the e-Estonia ecosystem. After four years of complex procurement and project implementation efforts, Estonia introduced the new generation of identity cards, residence permit cards, digital identity cards and diplomatic identity cards in December 2018.
Estonia has already been active in the eID sector for over 17 years. All Estonian ID‑1 format documents are equipped with digital authentication, digital signing and encryption/decryption functionalities. Today, 98% of Estonians have an identity card and about two-thirds of these cardholders use it regularly for e-services.[1] Most government services are offered online and there are more than 2,000 e-services available. The Estonian ID card has played a very important role in Estonia becoming one of the world’s leading digital societies.
Parties involved
In order to ensure the best outcome of the ID-1 project, several organisations, each with their own experience and expertise, were involved in its implementation. The Police and Border Guard Board (PBGB) is the main authority that issues identity documents in Estonia, and is also responsible for the physical security of documents. In addition to the know‑how of document experts from the PBGB, the expertise of the Estonian Forensic Science Institute was consulted in the selection of security elements. The Estonian Information System Authority (EISA) was in charge of the electronic operations of ID-1 format documents, the security and compliance of the chip and chip application, and the development of software that enables end users to use the cards on their personal computers and for e-services in general. The IT and Development Centre of the Ministry of the Interior and the Ministry of Foreign Affairs prepared the systems and data exchange with the card manufacturer so that the new ID-1 format documents could be issued. The core project team consisted of fewer than 10 people and the team members also had their other daily tasks to attend to.
Design elements
The new generation of ID-1 format documents are part of a document family. Both the document design and the respective materials share the characteristics of Brand Estonia, created by the Estonian Design Team in 2016.[2] The visual language of Brand Estonia follows the principle of keeping things clean and simple, something which is also reflected in the design of the new documents.
Along with the new design, several new security elements were introduced. The most noticeable change was the implementation of a colour photo based on Lasink™ technology. Previously, only black‑and‑white photos had been laser engraved on ID cards. Prior to the final decision on implementing this feature, groups of border guards and officers not involved with security documents participated in the testing to ensure that the new colour photo technology would benefit the identification of the document holder. The new technology also called for much stricter rules regarding photo quality in the document application process; scanned images are only allowed in exceptional cases. Previously, Lasink™ technology had been implemented in the passports of Costa Rica and Andorra. However, Estonia is the first country to implement this solution in an ID card.
In addition to the colour photo, a laser‑engraved ghost image was included in the ID card. This element becomes visible to the naked eye only in oblique light. In order to enable the unambiguous identification of the document holder, the minimum size of the ghost image was already determined during the procurement phase to make the verification of the document holder easier for border control and other officials.
As Estonia is proud of its natural environment, several characteristic elements and facts about Estonia’s nature can be found on the card. It features a transparent window, offset printed optically variable element and an MLI shaped as a boulder. UV light reveals a true colour image of a lynx, commonly found in Estonian forests. The background features a famous marsh and tiny images of the animals often found there, to illustrate the variety of wildlife and the beauty of Estonian nature.
Additional features
In order to increase their security, all blank documents now carry an individual number. Previously, documents were not individually numbered until the personalisation stage. The ability to now detect lost and stolen blank documents provides additional security.
In terms of checking the validity of documents, the border guard and other institutions cannot rely solely on checking the expiry date of the physical document. Documents are lost and stolen every day, and to ensure that nobody else can use the identity of the document holder, it is also necessary to check the document validity using a database. For almost five years, Estonia has been using a QR code to check the validity of e-Passports and now this feature is also implemented in ID cards. Using the QR code, web-based document validity checks can be executed anywhere. These checks provide up-to-date information as to whether the document is valid and whether it was issued by the PBGB.
Electronic functionality of the eID
The new ID-1 format documents include a new chip with a contactless interface (NFC) and more memory space. Estonia has created a possibility for e-service providers to develop applications that can be beneficial to cardholders. For example, as an alternative to a separate public transportation card, a public transport application can be linked to the ID card and the user can use the NFC functionality to validate the ticket. However, for security reasons, all applications have to be validated and approved by the EISA or the PBGB before they can actually be used on the ID card.
Additional memory space on the ID card is also required so that biometric features can be added in future. The European Commission intends to strengthen the security of identity cards of EU citizens and of residence documents issued to Union citizens and their family members who exercise their right of free movement. Currently, biometric data are not stored on the chip of the Estonian ID card.
The functionality of the contact chip will continue to be used for authentication and digital signing. Estonia has replaced RSA keys with elliptic curve cryptography (ECC), which e-service providers were already familiar with due to the cryptography updating process of 2017-2018. ECC keys have proven to be more secure and faster in crypto-operations compared to the previously used RSA keys.
Implementation challenges and takeaways
As with every large-scale project, developing Estonia’s new generation ID-1 project involved several challenges. First, it took a long time for the card manufacturer to realise the complexity of the e-Estonia ecosystem and the importance of the eID due to its enormous popularity with Estonia’s citizens. According to the 2017 Emergency Act, along with the electricity supply and the road network, access to digital identification and digital signing are considered of vital importance.
Since the introduction of the eID in 2002, the systems and data exchange between the card manufacturer and the PBGB remained largely unchanged because the partner was the same. Now, the new card manufacturer faced challenges in setting up a data exchange through X-tee, an environment enabling a secure internet-based data exchange between information systems used in Estonia.[3] Whereas Estonia’s public and private sector entities are very familiar with this, gathering the specific security software and hardware requirements proved a challenge for a foreign company. In order to proceed quickly and not to jeopardise the project schedule, a local consultant was asked for assistance.
As 99% of public services in Estonia are available online, it is important that the e-functionality of new documents can be used smoothly and without interruptions. Therefore, the EISA began distributing test cards to e-service providers as early as six months before the project’s go‑live date. The state considered this period sufficient for preparing the existing systems, making the services compatible with the electronic part of the new document and providing feedback regarding any abnormalities found during the testing phase. The feedback from e-service providers in turn allowed them to fix any issues prior to the launch and make sure card users would have a smooth experience.
Post-issuance services
In addition, Estonia plans to expand the network of post-issuance services at Estonia’s embassies and consulates around the world. Until now, only the consular departments abroad were tasked with accepting new document applications and issuing identity documents to citizens and e‑residents living abroad. Post-issuance services provide additional benefits for the card user. For example, if cardholders lose or forget their PIN codes, the consular departments can provide them with a new one so they can regain access to their e-services. Without a PIN, online authentication or signing documents digitally is not possible. Previously, cardholders would have to apply for a new document or visit a service office in Estonia. Post-issuance services also include certificate status services (suspension, reactivation and revocation), the latter two of which will require the cardholder to be physically present to complete the action. These services are free for the cardholder and providing them at an Estonian embassy or consulate is often cheaper and more convenient.
The service expansion requires close cooperation between the PBGB, the Ministry of Foreign Affairs and the document manufacturer in order to prepare the network connections necessary for a consistent service regardless of the location. Several obstacles concerning security requirements, infrastructure limitations and network connectivity were resolved during a long and intensive process. There were also many cases where it was not possible for the card manufacturer to use the existing systems due to the specific environment and procedures already in place. Custom solutions will be provided to meet PBGB needs, as this service will be implemented in a few months’ time.
Conclusion
The journey from preparing the procurement to finally issuing the new ID-1 format documents has been a challenging task. In the case of Estonia, involving various parties, each with specific expertise, in the preparation and implementation of such a large-scale project was vital. Although the project team was rather small, with efficient cooperation they managed to produce a family of high‑quality and secure ID-1 format documents. It is important to keep in mind that the fact that the new documents have been launched does not mean that work on the eID is now complete. Various teams continue to make sure that the physical and electronic identity on the cards remains functional and secure.
References
- e-identity. [Accessed 23 November 2018].
- brand estonia. [Accessed 23 November 2018].
- Republic of Estonia Information System Authority. Data Exchange Layer X-tee. [Accessed 23 November 2018].
Eliisa Sau holds the position of identity documents expert at the Estonian Police and Border Guard Board. Eliisa has been involved in the implementation of the fourth-generation ID-1 format documents project, developing their new security design and improving the processes for post-issuance services. She is responsible for the quality of the Estonian e-IDs and e-Passports, as well as for document and certificate expertise. This article has been written as a joint work of Eliisa and her colleagues from the Identity and Status bureau.